IAM Configuration Vulnerability Infographic

Ensure your organization's cloud environments are not susceptible to attacks like the one that hit Capital One.

How do you track down AWS IAM Configuration Vulnerabilities?

Following a significant data breach, the most common question security and engineering teams get is "are we covered?" This vague inquiry, from junior and senior members of an organization alike, is usually coupled with questions about what actually happened, so that the people asking understand it themselves.

The Capital One data breach disclosed in July 2019 is no different. We've put together this infographic to accompany our blog post on what happened and what steps security teams need to take to gain visibility into the risk.

Questions Security Teams Need to Answer

To detect IAM policy configurations in which a malicious user on a compromised host could obtain administrative privileges over your critical resources, your security team needs to be able to answer the following four questions:

  • What are my publicly accessible or internet-facing EC2 instances?
  • What IAM roles can these EC2 instances assume?
  • What policies are assigned to these IAM roles?
  • What permissions are allowed by these policies?
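
As an added example, not part of the original infographic and not JupiterOne's own tooling, the following Python walks the four questions in order and keeps only the grants a public instance could abuse. It runs on constructed data shaped like the responses of boto3's ec2.describe_instances, iam.get_instance_profile, iam.list_attached_role_policies with get_policy_version, and iam.list_role_policies with get_role_policy, so the same functions can be fed live output. The instance IDs, account number, role and policy names, and the set of service prefixes treated as high-risk are assumptions chosen for the example.

```python
"""Chain the four IAM questions: public instance -> role -> policies -> permissions."""

# Constructed sample data (assumed IDs and names), shaped like the AWS API responses.
RESERVATIONS = [{"Instances": [
    {"InstanceId": "i-0aaa111", "PublicIpAddress": "203.0.113.10",
     "IamInstanceProfile": {"Arn": "arn:aws:iam::123456789012:instance-profile/web-profile"}},
    {"InstanceId": "i-0bbb222",  # private subnet: no public IP, so never reached below
     "IamInstanceProfile": {"Arn": "arn:aws:iam::123456789012:instance-profile/batch-profile"}},
    {"InstanceId": "i-0ccc333", "PublicIpAddress": "203.0.113.11"},  # public, but no role
]}]
INSTANCE_PROFILES = {  # as returned by iam.get_instance_profile, keyed by profile name
    "web-profile": {"Roles": [{"RoleName": "web-role"}]},
    "batch-profile": {"Roles": [{"RoleName": "batch-role"}]},
}
ATTACHED = {  # iam.list_attached_role_policies per role
    "web-role": [{"PolicyName": "BroadS3", "PolicyArn": "arn:aws:iam::123456789012:policy/BroadS3"}],
    "batch-role": [],
}
MANAGED_DOCS = {  # iam.get_policy_version(...)["PolicyVersion"]["Document"] per policy ARN
    "arn:aws:iam::123456789012:policy/BroadS3": {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": ["s3:ListAllMyBuckets", "s3:ListBucket", "s3:GetObject"], "Resource": "*"}]},
}
INLINE_DOCS = {  # iam.get_role_policy documents per role, keyed by inline policy name
    "web-role": {"assume-anything": {"Version": "2012-10-17",
        "Statement": {"Effect": "Allow", "Action": "sts:AssumeRole", "Resource": "*"}}},
    "batch-role": {"queue": {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": "sqs:ReceiveMessage",
         "Resource": "arn:aws:sqs:us-east-1:123456789012:jobs"}]}},
}

# Assumption: services whose wide grants on Resource "*" let a stolen role pivot or exfiltrate.
RISKY_SERVICES = {"iam", "sts", "s3"}


def _as_list(value):
    """IAM documents allow a bare string or a list for Statement, Action and Resource."""
    return value if isinstance(value, list) else [value]


def public_instances(reservations):
    """Q1: instances reachable from the internet (here: those with a public IPv4)."""
    return [i for r in reservations for i in r["Instances"] if i.get("PublicIpAddress")]


def roles_for_instance(instance, instance_profiles):
    """Q2: roles the instance can assume through its instance profile."""
    profile = instance.get("IamInstanceProfile")
    if not profile:
        return []
    profile_name = profile["Arn"].rsplit("/", 1)[-1]
    return [r["RoleName"] for r in instance_profiles.get(profile_name, {}).get("Roles", [])]


def policies_for_role(role, attached, managed_docs, inline_docs):
    """Q3: every (name, document) that applies to the role, managed and inline."""
    docs = [(p["PolicyName"], managed_docs[p["PolicyArn"]]) for p in attached.get(role, [])]
    docs += list(inline_docs.get(role, {}).items())
    return docs


def allowed_actions(doc):
    """Q4: (action, resource) pairs the document allows. Deny and Condition are not evaluated."""
    pairs = []
    for stmt in _as_list(doc.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action", [])):
            for resource in _as_list(stmt.get("Resource", [])):
                pairs.append((action, resource))
    return pairs


def is_risky(action, resource):
    """Flag full or service-wide wildcards, and identity/S3 actions, on Resource '*'."""
    if resource != "*":
        return False
    if action == "*" or action.endswith(":*"):
        return True
    return action.split(":", 1)[0] in RISKY_SERVICES


def audit(reservations, instance_profiles, attached, managed_docs, inline_docs):
    """Run Q1..Q4 and return one finding per risky grant reachable from a public instance."""
    findings = []
    for inst in public_instances(reservations):
        for role in roles_for_instance(inst, instance_profiles):
            for name, doc in policies_for_role(role, attached, managed_docs, inline_docs):
                for action, resource in allowed_actions(doc):
                    if is_risky(action, resource):
                        findings.append({"instance": inst["InstanceId"], "role": role,
                                         "policy": name, "action": action, "resource": resource})
    return findings


if __name__ == "__main__":
    for f in audit(RESERVATIONS, INSTANCE_PROFILES, ATTACHED, MANAGED_DOCS, INLINE_DOCS):
        print(f"{f['instance']} -> {f['role']} -> {f['policy']}: {f['action']} on {f['resource']}")
```

On the sample data, only i-0aaa111 produces findings: the private instance is filtered out at question one, and the public instance without an instance profile has no role to inherit. Deny statements and Condition blocks are ignored here, so a real run over-reports rather than under-reports; that is the safer direction for a blast-radius review.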

Challenges in Managing IAM Policies

Tracking down the answers to these four questions is not hard, it just takes time. For an organization with a large infrastructure, the process takes days to weeks to complete, and at that cost it is rarely done at all.

Another option is configuring policies properly from the moment they are created. Unfortunately this is also time consuming and error-prone, and going back retroactively to correct existing misconfigurations is a significant time investment of its own.

Visibility is the Objective

Security teams need visibility into their digital environments so they can quickly detect vulnerabilities that occur in any of them. They also need to quickly understand the scope of a vulnerability by determining its potential blast radius.

Gaining Complete Visibility with JupiterOne

Organizations leveraging JupiterOne can use a single query to return answers to those four questions, across all of their digital environments, in seconds.

Providing Complete Visibility for Leading Cloud-Native Organizations
